Amazon Linux 2 : python3-urllib3, --advisory ALAS2-2026-3376 (ALAS-2026-3376)

The version of python3-urllib3 installed on the remote host is prior to 1.25.6-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3376 advisory. urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-leve...

RHEL 9 : vim (RHSA-2026:28050)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28050 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox...

Oracle Linux 8 : kernel (ELSA-2026-27353)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-27353 advisory. - net/sched: fix pedit partial COW leading to page cache corruption Ivan Vecera RHEL-177582 CVE-2026-46331 - net/sched: actpedit: free pedit keys on...

Amazon Linux 2 : perl-HTML-Parser, --advisory ALAS2-2026-3357 (ALAS-2026-3357)

The version of perl-HTML-Parser installed on the remote host is prior to 3.71-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3357 advisory. HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing...

Amazon Linux 2023 : cni-plugins (ALAS2023-2026-1888)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1888 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Tenable has extracted the preceding description block directly from the tested product...

Amazon Linux 2 : golist, --advisory ALAS2-2026-3382 (ALAS-2026-3382)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3382 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN...

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2026-1840)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1840 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

RHEL 9 : vim (RHSA-2026:28049)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:28049 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: arbitrary command execution via modeline sandbox...

Amazon Linux 2 : cni-plugins, --advisory ALAS2-2026-3386 (ALAS-2026-3386)

The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3386 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Tenable has...

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1839)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1839 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2026-1847)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1847 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an...

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-111 (ALASNITRO-ENCLAVES-2026-111)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-111 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-256...

CentOS 9 : python-urllib3-1.26.5-8.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the python-urllib3-1.26.5-8.el9 build changelog. - urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API v...

RHEL 9 : evince (RHSA-2026:27819)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27819 advisory. The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files,...

RHEL 8 : kernel-rt (RHSA-2026:27812)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27812 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements...

Oracle Linux 8 : firefox (ELSA-2026-27717)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-27717 advisory. 140.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.12.0 -...

RHEL 8 : kernel (RHSA-2026:27811)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27811 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: selinux: fix overlayfs mmap and mprote...

RHEL 9 : kernel (RHSA-2026:27789)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27789 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix tx.buf...

RHEL 8 : webkit2gtk3 (RHSA-2026:27804)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27804 advisory. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing maliciously...

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.62 SP4 (RHSA-2026:27200)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27200 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTT...